Creating a new incident via API

Comments

    Nancy Wang

    Hi Paul, 

    Thanks for your question!

    For Alert Logic to be able to create any incident from third-party events and logs, we would first need to set up log ingestion for the third-party data source. Currently Alert Logic ingests Trend Micro AV logs, and native ingestion for Trend Micro Vision One logs is a roadmap item. Once the collection is complete, we have a self-correlation capability in the Alert Logic Search product, which can allow customer-defined incidents to be triggered.

    If Trend Micro Vision One allows you to configure log collection via JSON format, you can also send the Trend Micro Vision One logs using the Syslog collection method. We will be able to create customer-defined incidents with this method as well.

    Thanks,

    Alert Logic Team
